--- olpc-2.6-master.00/fs/devpts/inode.c	2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/devpts/inode.c	2007-03-01 11:52:20.000000000 -0500
@@ -19,7 +19,22 @@
 #include <linux/tty.h>
 #include <linux/devpts_fs.h>
 #include <linux/parser.h>
+#include <linux/vs_base.h>
 
+
+static int devpts_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+	int ret = -EACCES;
+
+	/* devpts is xid tagged */
+	if (vx_check((xid_t)inode->i_tag, VS_WATCH_P|VS_IDENT))
+		ret = generic_permission(inode, mask, NULL);
+	return ret;
+}
+
+static struct inode_operations devpts_file_inode_operations = {
+	.permission     = devpts_permission,
+};
 
 static struct vfsmount *devpts_mnt;
 static struct dentry *devpts_root;
--- olpc-2.6-master.00/fs/devpts/inode.c	2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/devpts/inode.c	2007-03-01 11:52:20.000000000 -0500
@@ -91,6 +105,25 @@ static int devpts_remount(struct super_b
 	return 0;
 }
 
+static int devpts_filter(struct dentry *de)
+{
+	/* devpts is xid tagged */
+	return vx_check((xid_t)de->d_inode->i_tag, VS_WATCH_P|VS_IDENT);
+}
+
+static int devpts_readdir(struct file * filp, void * dirent, filldir_t filldir)
+{
+	return dcache_readdir_filter(filp, dirent, filldir, devpts_filter);
+}
+
+static const struct file_operations devpts_dir_operations = {
+	.open		= dcache_dir_open,
+	.release	= dcache_dir_close,
+	.llseek		= dcache_dir_lseek,
+	.read		= generic_read_dir,
+	.readdir	= devpts_readdir,
+};
+
 static const struct super_operations devpts_sops = {
 	.statfs		= simple_statfs,
 	.remount_fs	= devpts_remount,
--- olpc-2.6-master.00/fs/devpts/inode.c	2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/devpts/inode.c	2007-03-01 11:52:20.000000000 -0500
@@ -116,8 +149,10 @@ devpts_fill_super(struct super_block *s,
 	inode->i_uid = inode->i_gid = 0;
 	inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
 	inode->i_op = &simple_dir_inode_operations;
-	inode->i_fop = &simple_dir_operations;
+	inode->i_fop = &devpts_dir_operations;
 	inode->i_nlink = 2;
+	/* devpts is xid tagged */
+	inode->i_tag = (tag_t)vx_current_xid();
 
 	devpts_root = s->s_root = d_alloc_root(inode);
 	if (s->s_root)
--- olpc-2.6-master.00/fs/devpts/inode.c	2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/devpts/inode.c	2007-03-01 11:52:20.000000000 -0500
@@ -175,6 +210,9 @@ int devpts_pty_new(struct tty_struct *tt
 	inode->i_gid = config.setgid ? config.gid : current->fsgid;
 	inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
 	init_special_inode(inode, S_IFCHR|config.mode, device);
+	/* devpts is xid tagged */
+	inode->i_tag = (tag_t)vx_current_xid();
+	inode->i_op = &devpts_file_inode_operations;
 	inode->i_private = tty;
 
 	dentry = get_node(number);